A powerful Democratic senator introduced a new bill Tuesday that would end the National Security Agency's bulk surveillance of Americans' phone records and force the government to be more transparent and accountable with its spying orders.

Senate Judiciary Chairman Patrick Leahy unveiled his hotly anticipated USA Freedom Act, a measure that has gained considerable traction and buzz over the past week. It is a strengthened version of a bill of the same name that passed the House in May, but only after a number of changes foisted onto it by the administration and defense hawks prompted tech companies and privacy advocates to drop their support.

Leahy's bill currently boasts support from the White House, tech companies, and a litany of privacy and civil-liberties groups that see it as fixing much of what was undone during eleventh-hour backroom negotiations ahead of the House vote.

"If enacted, this bill would represent the most significant reform of government surveillance authorities since Congress passed the USA Patriot Act 13 years ago," Leahy, a Vermont Democrat, said from the Senate floor Tuesday. "It's an historic opportunity, [and] we would be derelict in our duty to this country if we passed up that opportunity."

The tenuous coalition of stakeholders is the product of months of post-Snowden deal-making, and Leahy's bill is widely seen as the best chance to achieve substantive surveillance reform this year. But the measure is likely to incur resistance from defense hawks as Leahy attempts to move the legislation quickly through Congress sometime shortly after lawmakers return to Washington following the August recess.

How Leahy's Freedom Act Would Curtail NSA Spying

Leahy's beefed up measure would effectively end the government's ability to collect bulk metadata—the numbers and time stamps of calls but not their actual contents—on Americans' phone records. Phone companies instead would keep those records and be required to give them to the NSA and other intelligence agencies only after the government earned approval for data searches through the Foreign Intelligence Surveillance Court.

All of those changes were included in the House version of the Freedom Act. Leahy's new version, however, errs further toward the side of privacy and transparency on a number of other key provisions. It specifies that the NSA can't collect all data from a service provider or a geographic zone, such as a ZIP code or area code, by making it explicitly clear what qualifies as a suitable "target" for a search of business records.

The bill would also force the NSA to publicly report more data to the public about its surveillance, including what portion of searches conducted implicate Americans. And it would create a panel of special advocates to argue on behalf of privacy rights before the FISA court.

Leahy had vowed to implement those additional changes ever since the House passed its Freedom Act. But stakeholders were concerned the Obama administration wouldn't be willing to budge much during negotiations, especially because it played a heavy hand in watering down the House version.

Rep. Jim Sensenbrenner, a Wisconsin Republican who authored the original Freedom Act, cheered Leahy in a statement for threading a needle with his compromise "that strengthens the privacy protections of the House bill while retaining support from the administration and intel community."

Does the Bill Have a Chance?

Most observers see Leahy's Freedom Act as the best chance at NSA reform in this Congress. The omnibus legislation is unlikely to earn a vote before the August recess, but it may go straight to the Senate floor when Congress reconvenes in September. Stakeholders are hopeful the bill could hit the president's desk sometime this fall.

But it remains unclear if Leahy has the votes in a historically gridlocked Senate that will have most of its attention diverted to the midterm elections when lawmakers come back to Washington. Senate Intelligence Committee Chairwoman Dianne Feinstein has been an influential backer of the NSA's surveillance programs, and early indications are that she and other defense hawks are less than receptive to Leahy's new proposal.

The California Democrat, according to several sources, wants to push a data-retention mandate that would require phone companies to keep customer data for a certain amount of time that would exceed current requirements set at 18 months. Multiple privacy advocates said such a mandate would amount to a "poison pill" and would likely prompt a cascade of groups to drop their support for the Freedom Act.

However, Leahy has several factors working in his favor. For one, the administration is on board with his version of the Freedom Act, an alliance that could undercut protests from Feinstein's cohort. And Sen. Ted Cruz is among the 13 original cosponsors, marking a partnership that could shore up GOP support. The Texas Republican and potential 2016 presidential hopeful has been remarkably quiet on NSA spying before endorsing Leahy's measure.

Notably absent from the lists of cosponsors are Sen. Ron Wyden and Mark Udall, both Democrats who have been among the most aggressive critics of the government's large surveillance apparatus. In a joint statement issued after the Freedom Act's introduction, the pair of liberal senators called Leahy's bill a "vast improvement" over what passed the House, but said more needs to be done to limit so-called "backdoor" searches of American records incidentally collected during foreign surveillance.

"While this progress is encouraging, this legislation unfortunately lacks important provisions that reformers have proposed to end the backdoor and warrantless searches of Americans' personal electronic communications under Section 702 of the Foreign Intelligence Surveillance Act," Wyden and Udall said. "Congress needs to close this loophole, and we look forward to working with Chairman Leahy and our colleagues to address this issue when the bill comes before the full U.S. Senate."

Despite turbulence from both sides, Leahy's Freedom Act still has significant momentum behind it, thanks to support from a diverse array of stakeholders. The language in his bill boasts endorsements from privacy and civil-liberties groups such as the American Civil Liberties Union and Center for Democracy & Technology, as well as general support from the tech lobby.

"This bill will help restore trust in the Internet by ending the government's bulk Internet metadata collection and increasing transparency around U.S. surveillance practices," said Reform Government Surveillance—a coalition of tech companies that includes Google, Facebook, and Microsoft—in a statement.

Liza Goitein, codirector of the Brennan Center's Liberty and National Security Program, said the new Freedom Act will "take a key step forward by prohibiting bulk collection of Americans' phones, financial, and credit records."

"This would be the first significant restriction Congress has placed on intelligence agencies' ballooning spy apparatus since 9/11," Goitein said.

But Goitein also sounded a common refrain among privacy advocates: This bill, if passed, addresses only a sliver of the sweeping government-surveillance programs that have surfaced since Edward Snowden's leaks began last June.

"It's important to remember that the bulk collection program is the tip of a massive iceberg," she added. "Until Congress addresses the collection and use of Americans' calls and emails under authorities that supposedly target foreigners, the privacy of all of our communications is at risk."

FROM OUR SPONSORS

sponsored

JOIN THE DISCUSSION

By using this service you agree not to post material that is obscene, harassing, defamatory, or
otherwise objectionable. Although Nextgov does not monitor comments posted to this site (and has
no obligation to), it reserves the right to delete, edit, or move any material that it deems to
be in violation of this rule.

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

Data-Centric Security vs. Database-Level Security

Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.